US11604865B2 - Method for the secured access of data of a transportation vehicle - Google Patents

Method for the secured access of data of a transportation vehicle

Info

Publication number: US11604865B2
Authority: US (United States)
Prior art keywords: transportation vehicle, data, mobile terminal, application, specific
Legal status: Active, expires (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: US16/337,946
Other versions: US20200026864A1 (en)
Inventor: Andreas Meier
Current Assignee: Volkswagen AG (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Volkswagen AG
Application filed by Volkswagen AG
Assigned to VOLKSWAGEN AKTIENGESELLSCHAFT: assignment of assignors interest (see document for details). Assignors: MEIER, ANDREAS
Publication of US20200026864A1
Application granted
Publication of US11604865B2

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C5/00 Registering or indicating the working of vehicles
    • G07C5/008 Registering or indicating the working of vehicles communicating information to a remotely located station
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H04W12/082 Access security using revocation of authorisation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Definitions

  • Illustrative embodiments relate to a method for securely accessing data of a transportation vehicle and to a system for securely accessing data of a transportation vehicle.
  • FIG. 1 shows a schematic illustration of an exemplary embodiment of the disclosed system for securely accessing data of a transportation vehicle.
  • FIG. 2 shows a schematic illustration of a further exemplary embodiment of the disclosed system for securely accessing data of a transportation vehicle.
  • transportation vehicle-based mobile online services have available to them transportation vehicle-specific data, which are recorded, for example, by sensors of the transportation vehicle in question. Using such data, it is possible to create attractive programs for transportation vehicle owners and transportation vehicle users, whose availability and/or compatibility with particular transportation vehicles will also influence the purchase decision of potential buyers in the future.
  • Document DE 10 2011 100 938 A1 discloses a vehicle information and entertainment system for executing applications.
  • the system comprises an operating system that is designed to execute applications, a monitoring unit that is designed to determine current state variables of the vehicle and an authorization unit that is designed to prevent or to allow the execution of applications by the operating system depending on the determined current state variables of the vehicle.
  • Document DE 10 2014 218 225 A1 furthermore discloses a method for constructing a secure, authenticated connection between an object and a central computer unit, wherein the connection is constructed by a mobile computer unit, wherein authentication of a user at the central computer unit is ensured by a client certificate that has been loaded in an app on the mobile computer unit.
  • Document US 2012/0324482 A1 furthermore discloses a method that allows applications on a mobile terminal to be provided on a vehicle entertainment apparatus in a secure manner. To this end, a permission check is performed, by way of which the approval of a user for particular data is checked.
  • the disclosed embodiments create a possibility of providing transportation vehicle-specific data in a controlled manner for use with applications on mobile terminals.
  • Disclosed embodiments provide a method and a system.
  • a mobile terminal is provided on which there is installed an application that is designed to use data of the transportation vehicle. Furthermore, a dedicated memory is provided in which, by way of a controller of the transportation vehicle, data of the transportation vehicle are provided for retrieval by the mobile terminal.
  • the application authenticates itself on an authentication module, designed for this purpose, by way of an identification feature, and the application on the mobile terminal, following successful authentication, is provided with read access to the dedicated memory therefor.
  • the disclosed method has the benefit that there is no direct access to a transportation vehicle-internal communication system, such as a transportation vehicle-internal Ethernet or a transportation vehicle bus, for instance, a Controller Area Network (CAN) bus, a Media Oriented System Transport (MOST) bus or a FlexRay bus.
  • the identification feature that is used may be valid only for a selected combination of application, mobile terminal and transportation vehicle. This thus prevents a manipulated application from being able to use the identification feature of another application and being able to access data of another transportation vehicle by copying the identification feature onto another mobile terminal and/or by manipulating the application.
  • authentication of the application on the authentication module, designed for this purpose, by way of the identification feature likewise comprises authorizing the application to access selected data in the dedicated memory.
  • the application is granted only read access to the dedicated memory. Read access may be granted for all data or only for some of the data that are stored in the dedicated memory. Read access is granted only for data for which the application has been authorized beforehand.
  • the application may also be granted write access to the dedicated memory.
  • the controller may be connected to one or more transportation vehicle-internal communication systems and be designed to retrieve data of the transportation vehicle to be stored in the dedicated memory via the one or more transportation vehicle-internal communication systems.
  • transportation vehicle-specific data that are already used, for example, by another transportation vehicle-specific device may be retrieved by the controller and stored in the dedicated memory.
  • These may be, for example, sensor data on the position, speed and/or acceleration of the transportation vehicle.
  • the data may relate to the energy or fuel consumption of the transportation vehicle or the state of individual transportation vehicle systems.
  • the data may also relate to sensor data logs and/or profiles.
  • the data may relate to image and/or audio signals that are recorded by transportation vehicle-internal cameras, radar sensors, laser scanners, ultrasound sensors and/or other imaging sensors or microphones.
  • the controller may prevent the application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems. Due to the fact that the controller is able to prevent the application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems, the risk of losing control over the data of the transportation vehicle is further reduced.
  • the controller may fully or partly prevent the application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems.
  • the authentication module may be configured as a component of a transportation vehicle-specific media playback system or of a transportation vehicle-specific communication unit having Internet connectivity. The authentication may thus already take place in the transportation vehicle, such that no separate connection to an authentication entity is necessary. If the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit is designed to communicate directly with the mobile terminal, for example, via BLUETOOTH®, the authentication may also take place when an Internet connection is not available.
  • the authentication module may be configured as a component of a central computer that is designed to communicate with the mobile terminal and the transportation vehicle.
  • the central computer is, for example, a back-end of a transportation vehicle manufacturer or of a third-party provider. Due to the fact that the authentication module is configured as a component of a central computer, central authentication may be performed. In the case of a certificate-based authentication, this may be beneficial when the central computer is designed to check the authenticity and validity of a certificate that is used.
  • the authentication of the application on the authentication module, designed for this purpose, by way of an identification feature may comprise transmission of the identification feature from the mobile terminal to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and/or transmission of the identification feature from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer.
  • the central computer may be designed to generate an authorization file, which comprises, for example, a token or a certificate, and to send this to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit.
  • the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit then forwards the authorization file to the application on the mobile terminal.
  • the authorization file may have a restricted validity and comprise information about the scope of the data to be released for the application.
  • the central computer may furthermore inform the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit about which data should be released to the application on the mobile terminal.
  • the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit may then prompt the controller to retrieve the corresponding data via one or more transportation vehicle-internal communication systems, for instance, via a transportation vehicle bus, and store them in the dedicated memory.
  • the mobile terminal may then access the corresponding data in the dedicated memory by way of the authorization file. If an application is subsequently identified as being defective, the authorization file or the certificate or the token within the authorization file may be declared invalid, such that the central computer blocks the data release.
  • the application on the mobile terminal may have been investigated and checked beforehand by the manufacturer or a third-party provider so as to define the scope of the data of the transportation vehicle to be released for the application.
  • the identification feature may comprise a token and/or a certificate.
  • PINs, hashes and other security functions may also be used.
  • the certificate and/or the token have to be created before the first use and stored on the mobile terminal. If the mobile terminal is then connected to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit in terms of signaling, the application may authenticate itself directly on the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit.
  • the connection in terms of signaling between the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and the mobile terminal may be wired or wireless.
  • the certificate or the token is transmitted to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit.
  • the certificate or the token may then be transmitted in encrypted form to the central computer by the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit.
  • the central computer checks the certificate or the token for validity. The validity check may comprise establishing whether the application mentioned in the certificate or the token from the mobile terminal mentioned in the certificate or the token accesses the transportation vehicle mentioned in the certificate or the token. If this is confirmed, the central computer informs the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit about which data of the transportation vehicle the application is allowed to access. As soon as the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit has received confirmation of authenticity and has been informed which data should be provided, it may issue the application with an authorization file, which may likewise comprise a certificate or a token.
  • a storage process also begins, which retrieves the required data from the one or more transportation vehicle-internal communication systems and stores them in the dedicated memory.
  • the dedicated memory may be configured as a component of a transportation vehicle-specific media playback system or of a transportation vehicle-specific communication unit having Internet connectivity.
  • the dedicated memory may be configured as a component of a central computer that is designed to communicate with the mobile terminal and the transportation vehicle. If the dedicated memory is configured as a component of the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit, a direct data exchange may take place between the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and the mobile terminal. If the dedicated memory is configured as a component of a central computer, data security is further increased since the data of the transportation vehicle are retrieved by the mobile terminal not directly from the transportation vehicle, but rather from a transportation vehicle-external memory. The risk of the application gaining access to further data of the transportation vehicle is thus considerably reduced.
  • the method may comprise transmission of data of the transportation vehicle from the one or more transportation vehicle-internal communication systems to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and/or transmission of data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the mobile terminal.
  • the method may comprise transmission of data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer and/or transmission of data of the transportation vehicle from the central computer to the mobile terminal.
  • various combinations of the designated data transmission paths may result.
  • the application on the mobile terminal may retrieve the data of the transportation vehicle via an application programming interface.
  • the retrieval of the data of the transportation vehicle from the dedicated memory by the application on the mobile terminal and/or the retrieval of the data of the transportation vehicle from the one or more transportation vehicle-internal communication systems by the controller may be performed regularly or irregularly.
  • the retrieval of the data of the transportation vehicle from the dedicated memory by the application on the mobile terminal and/or the retrieval of the data of the transportation vehicle from the one or more transportation vehicle-internal communication systems by the controller may be initiated by an event.
  • the event may relate, for example, to the presence of new data of the transportation vehicle, such that the data retrieval is initiated whenever new data of the transportation vehicle are present.
  • the mobile terminal on which the application is installed emulates transportation vehicle-specific components, such as, for example, the transportation vehicle-specific communication unit.
  • the disclosed system for securely accessing data of a transportation vehicle comprises a mobile terminal and a dedicated memory.
  • An application that is designed to use data of the transportation vehicle is installed on the mobile terminal.
  • Data of the transportation vehicle for retrieval by the mobile terminal are provided in the dedicated memory by way of a controller of the transportation vehicle.
  • the system is designed to execute the method for securely accessing data of a transportation vehicle according to at least one of the embodiments described above.
  • the system may additionally have a central computer.
  • FIG. 1 shows a system 10 with a transportation vehicle 12 and a mobile terminal 14.
  • An application 16 that is designed to use data of the transportation vehicle 12 is installed on the mobile terminal 14.
  • the transportation vehicle 12 comprises a transportation vehicle-specific media playback system 28 and a transportation vehicle-internal communication system 24.
  • the transportation vehicle-internal communication system 24 comprises a CAN bus, to which a total of three sensors 26a-26c are connected in terms of signaling, the three sensors 26a-26c recording data of the transportation vehicle 12.
  • the sensor 26a is an acceleration sensor and provides acceleration data of the transportation vehicle 12.
  • the sensor 26b detects the fuel consumption of the transportation vehicle 12 and provides fuel-based consumption data of the transportation vehicle 12.
  • the sensor 26c is a distance sensor and provides data that relate to the distance of the transportation vehicle 12 from a transportation vehicle in front.
  • the transportation vehicle-specific media playback system 28 has a dedicated memory 18, a controller 20 and an authentication module 22.
  • Data of the transportation vehicle 12 for retrieval by the mobile terminal 14 are provided in the dedicated memory 18 by way of the controller 20 of the transportation vehicle 12.
  • the controller 20 is connected to the transportation vehicle-internal communication system 24 and designed to retrieve the data of the transportation vehicle 12 to be stored in the dedicated memory 18 from the sensors 26a-26c via the transportation vehicle-internal communication system 24.
  • the controller 20 furthermore prevents the application 16 on the mobile terminal 14 from directly accessing the transportation vehicle-internal communication system 24.
  • the system 10 is designed for the application 16 to be able to authenticate itself on the authentication module 22, designed for this purpose, by way of an identification feature, such that, following successful authentication, read access to the dedicated memory 18 is able to be provided for the application 16 on the mobile terminal 14.
  • the identification feature has been stored beforehand on the mobile terminal 14 and comprises a certificate that is valid for a selected application 16 on a selected mobile terminal 14 to access data of a selected transportation vehicle 12.
  • the authentication of the application 16 on the authentication module 22 designed for this purpose, by way of the identification feature comprises transmission of the identification feature from the mobile terminal 14 to the transportation vehicle-specific media playback system 28.
  • the data of the transportation vehicle 12 are transmitted from the transportation vehicle-internal communication system 24 to the transportation vehicle-specific media playback system 28.
  • the data of the transportation vehicle 12 are then transmitted from the transportation vehicle-specific media playback system 28 to the mobile terminal 14.
  • the authentication of the application 16 and the provision of the data of the transportation vehicle 12 for the application 16 is performed via the communication connection 32.
  • the application 16 on the mobile terminal 14 retrieves the data of the transportation vehicle 12 from the transportation vehicle 12 via an application programming interface.
  • FIG. 2 shows a system 10 with a transportation vehicle 12, a mobile terminal 14 and a central computer 30.
  • An application 16 that is designed to use data of the transportation vehicle 12 is installed on the mobile terminal 14.
  • the transportation vehicle 12 comprises a transportation vehicle-specific media playback system 28 and a transportation vehicle-internal communication system 24.
  • the central computer 30 is configured as a back-end of a transportation vehicle manufacturer and comprises a dedicated memory 18 and an authentication module 22.
  • the central computer 30 is furthermore designed to communicate with the mobile terminal 14 via the communication connection 34 and with the transportation vehicle 12 via the communication connection 36.
  • the transportation vehicle-internal communication system comprises an MOST bus, which is connected in terms of signaling to a total of three cameras 26a-26c, the three cameras 26a-26c recording data of the transportation vehicle 12.
  • the camera 26a is a front camera and provides an image signal for the surroundings in front of the transportation vehicle.
  • the camera 26b is a rear camera and provides an image signal for the surroundings behind the transportation vehicle.
  • the camera 26c is an interior camera and provides an image signal for the region of the driver's seat.
  • the transportation vehicle-specific media playback system 28 has a controller 20.
  • Data of the transportation vehicle 12 are provided in the dedicated memory 18 of the central computer 30 for retrieval by the mobile terminal 14 by way of the controller 20 of the transportation vehicle 12.
  • the controller 20 is connected to the transportation vehicle-internal communication system 24 and designed to retrieve the data of the transportation vehicle 12 to be stored in the dedicated memory 18 from the cameras 26a-26c via the transportation vehicle-internal communication system 24.
  • the controller 20 furthermore prevents the application 16 on the mobile terminal 14 from directly accessing the transportation vehicle-internal communication system 24.
  • the system 10 is designed for the application 16 to be able to authenticate itself on the authentication module 22, designed for this purpose, by way of an identification feature, such that, following successful authentication, read access to the dedicated memory 18 is able to be provided for the application 16 on the mobile terminal 14.
  • the identification feature has been stored beforehand on the mobile terminal 14 and comprises a token that is valid for a selected application 16 on a selected mobile terminal 14 to access data of a selected transportation vehicle 12.
  • the authentication of the application 16 on the authentication module 22 by way of an identification feature comprises transmission of the identification feature from the mobile terminal 14 to the transportation vehicle-specific media playback system 28 and transmission of the identification feature from the transportation vehicle-specific media playback system 28 to the central computer 30.
  • the data of the transportation vehicle 12 are transmitted from the transportation vehicle-internal communication system 24 to the transportation vehicle-specific media playback system 28.
  • the data of the transportation vehicle 12 are then transmitted from the transportation vehicle-specific media playback system 28 to the central computer 30.
  • the data of the transportation vehicle 12 are then transmitted from the central computer 30 to the mobile terminal 14.
  • the application 16 is thus authenticated via the communication connections 32 and 36.
  • the provision of the data of the transportation vehicle 12 for the application 16 is thus performed via the communication connections 34 and 36.
  • the application 16 on the mobile terminal 14 retrieves the data of the transportation vehicle 12 from the central computer 30 via an application programming interface.
  • the disclosure allows transportation vehicle-specific data to be provided in a controlled manner for use with applications on mobile terminals.
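
The authorization flow described in the list above (an identification feature valid for one combination of application, mobile terminal and transportation vehicle; the validity check by the central computer; an authorization file with restricted validity and data scope; later invalidation for a defective application) can be modelled as follows. This is an added example, not code from the patent or from the assignee; the HMAC sealing, all class and function names, and all sample identifiers and values are assumptions made for illustration.

```python
import hashlib
import hmac
import json

BACKEND_KEY = b"constructed-demo-key"  # constructed; stands in for a protected back-end key


def _seal(payload):
    """Attach an HMAC so the vehicle side can detect tampering (assumed mechanism)."""
    msg = json.dumps(payload, sort_keys=True).encode()
    return {"payload": payload, "mac": hmac.new(BACKEND_KEY, msg, hashlib.sha256).hexdigest()}


def _verify(doc):
    return hmac.compare_digest(doc.get("mac", ""), _seal(doc.get("payload", {}))["mac"])


class CentralComputer:
    """Back end with the authentication module."""

    def __init__(self, approved_scopes):
        self.approved_scopes = approved_scopes  # app -> signals released after review
        self.revoked_apps = set()

    def issue_identification(self, app, terminal, vehicle):
        # Identification feature valid for one application/terminal/vehicle combination.
        return _seal({"kind": "id", "app": app, "terminal": terminal, "vehicle": vehicle})

    def authenticate(self, feature, app, terminal, vehicle, now, ttl=300):
        """Validity check; app/terminal/vehicle are what the head unit observed.
        Returns an authorization file, or None when the check fails."""
        observed = {"kind": "id", "app": app, "terminal": terminal, "vehicle": vehicle}
        if not _verify(feature) or feature["payload"] != observed:
            return None  # forged, or copied to another app, terminal or vehicle
        if app in self.revoked_apps or app not in self.approved_scopes:
            return None
        return _seal({"kind": "authz", "app": app, "vehicle": vehicle,
                      "scope": sorted(self.approved_scopes[app]), "expires": now + ttl})

    def is_valid(self, authz, now):
        p = authz.get("payload", {})
        return (_verify(authz) and p.get("kind") == "authz"
                and now < p["expires"] and p["app"] not in self.revoked_apps)


class Vehicle:
    """Controller plus dedicated memory; the application never reaches the bus."""

    def __init__(self, vehicle_id, backend, bus):
        self.vehicle_id = vehicle_id
        self.backend = backend
        self._bus = bus             # stands in for CAN/MOST data, private to the controller
        self.dedicated_memory = {}  # the only store the application may read

    def release(self, authz):
        # Controller copies only the released signals from the bus into dedicated memory.
        for signal in authz["payload"]["scope"]:
            if signal in self._bus:
                self.dedicated_memory[signal] = self._bus[signal]

    def read(self, authz, signal, now):
        """Read-only access, gated by the authorization file."""
        if not self.backend.is_valid(authz, now):
            raise PermissionError("authorization file invalid, expired or revoked")
        p = authz["payload"]
        if p["vehicle"] != self.vehicle_id or signal not in p["scope"]:
            raise PermissionError(f"{signal!r} is not released for this application")
        return self.dedicated_memory[signal]


def attempt(car, authz, signal, now):
    try:
        car.read(authz, signal, now)
        return "allowed"
    except PermissionError:
        return "denied"


def demo():
    backend = CentralComputer({"eco-coach": {"fuel_consumption", "acceleration"}})
    bus = {"fuel_consumption": 6.4, "acceleration": 0.8, "distance_ahead": 31.0}
    car = Vehicle("VEHICLE-A", backend, bus)  # all names and values constructed
    feature = backend.issue_identification("eco-coach", "PHONE-1", "VEHICLE-A")
    out = {}
    # Same feature presented from a different terminal: the binding check rejects it.
    out["copied"] = backend.authenticate(feature, "eco-coach", "PHONE-2", "VEHICLE-A", 1000)
    authz = backend.authenticate(feature, "eco-coach", "PHONE-1", "VEHICLE-A", 1000)
    car.release(authz)
    out["in_memory"] = sorted(car.dedicated_memory)
    out["fuel"] = car.read(authz, "fuel_consumption", 1010)
    out["out_of_scope"] = attempt(car, authz, "distance_ahead", 1010)
    out["expired"] = attempt(car, authz, "fuel_consumption", 1400)
    backend.revoked_apps.add("eco-coach")  # application later identified as defective
    out["revoked"] = attempt(car, authz, "fuel_consumption", 1020)
    return out


if __name__ == "__main__":
    print(demo())
```

The distance signal never enters the dedicated memory because it is outside the reviewed scope, so even a bug in the read check could not expose it.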

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Bioethics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A method for the secured access of data of a transportation vehicle including providing a mobile terminal on which an application is installed that uses data of the transportation vehicle and providing a separate storage unit on which data of the transportation vehicle is stored by a controller of the transportation vehicle for retrieval by the mobile terminal. The method authenticates the use on an authentication module using an identification feature and provides a reading access to the separate storage unit for use on the mobile terminal after a successful authentication.

Description

PRIORITY CLAIM
This patent application is a U.S. National Phase of International Patent Application No. PCT/EP2017/073209, filed 14 Sep. 2017, which claims priority to German Patent Application No. 10 2016 219 014.8, filed 30 Sep. 2016, the disclosures of which are incorporated herein by reference in their entireties.
SUMMARY
Illustrative embodiments relate to a method for securely accessing data of a transportation vehicle and to a system for securely accessing data of a transportation vehicle.
BRIEF DESCRIPTION OF THE DRAWINGS
Disclosed embodiments are explained below with reference to the associated drawings. In the figures:
FIG. 1 shows a schematic illustration of an exemplary embodiment of the disclosed system for securely accessing data of a transportation vehicle; and
FIG. 2 shows a schematic illustration of a further exemplary embodiment of the disclosed system for securely accessing data of a transportation vehicle.
DETAILED DESCRIPTION
Unlike conventional applications for mobile terminals, such as smartphones or tablets, transportation vehicle-based mobile online services have available to them transportation vehicle-specific data, which are recorded, for example, by sensors of the transportation vehicle in question. Using such data, it is possible to create attractive programs for transportation vehicle owners and transportation vehicle users, whose availability and/or compatibility with particular transportation vehicles will also influence the purchase decision of potential buyers in the future.
The development of mobile online services, in comparison with the development of conventional applications for mobile terminals, is however comparatively cost-intensive and time-intensive. The drawback of the known applications is that they do not have any access to transportation vehicle-specific data. There is a need to allow external developers as well to develop mobile online services that have access to transportation vehicle-specific data, to be able to provide the transportation vehicle owners and transportation vehicle users with corresponding programs in attractive conditions.
There is however always the danger of data misuse being facilitated by releasing the transportation vehicle-specific data. For this reason, a situation whereby corresponding applications gain unrestricted access to the data from transportation vehicles, which is not able to be monitored by the manufacturer or another entity, has to be avoided.
Document DE 10 2011 100 938 A1 discloses a vehicle information and entertainment system for executing applications. The system comprises an operating system that is designed to execute applications, a monitoring unit that is designed to determine current state variables of the vehicle and an authorization unit that is designed to prevent or to allow the execution of applications by the operating system depending on the determined current state variables of the vehicle.
Document DE 10 2014 218 225 A1 furthermore discloses a method for constructing a secure, authenticated connection between an object and a central computer unit, wherein the connection is constructed by a mobile computer unit, wherein authentication of a user at the central computer unit is ensured by a client certificate that has been loaded in an app on the mobile computer unit.
Document US 2012/0324482 A1 furthermore discloses a method that allows applications on a mobile terminal to be provided on a vehicle entertainment apparatus in a secure manner. To this end, a permission check is performed, by way of which the approval of a user for particular data is checked.
However, these and other known solutions do not provide any possibility as to how a release of transportation vehicle-specific data for applications on mobile terminals may be performed without a loss of control with regard to the released data.
Now, the disclosed embodiments create a possibility of providing transportation vehicle-specific data in a controlled manner for use with applications on mobile terminals.
Disclosed embodiments provide a method and a system.
In the disclosed method for securely accessing data of a transportation vehicle, a mobile terminal is provided on which there is installed an application that is designed to use data of the transportation vehicle. Furthermore, a dedicated memory is provided in which, by way of a controller of the transportation vehicle, data of the transportation vehicle are provided for retrieval by the mobile terminal. According to the disclosed embodiments, the application authenticates itself on an authentication module, designed for this purpose, by way of an identification feature, and the application on the mobile terminal, following successful authentication, is provided with read access to the dedicated memory therefor.
The disclosed method has the benefit that there is no direct access to a transportation vehicle-internal communication system, such as a transportation vehicle-internal Ethernet or a transportation vehicle bus, for instance, a Controller Area Network (CAN) bus, a Media Oriented System Transport (MOST) bus or a FlexRay bus. By using a dedicated memory, the communication interface of the transportation vehicle, which interface communicates with the mobile terminal, is decoupled from the transportation vehicle-internal communication systems. It is thus possible only to release the data for use by the application on the mobile terminal that are located in the dedicated memory. In addition, an authentication module is provided that checks the authorization of the mobile terminal and/or of the application on the mobile terminal before providing the data. The identification feature that is used may be valid only for a selected combination of application, mobile terminal and transportation vehicle. This thus prevents a manipulated application from being able to use the identification feature of another application and being able to access data of another transportation vehicle by copying the identification feature onto another mobile terminal and/or by manipulating the application. Optionally, authentication of the application on the authentication module, designed for this purpose, by way of the identification feature likewise comprises authorizing the application to access selected data in the dedicated memory. The application is granted only read access to the dedicated memory. Read access may be granted for all data or only for some of the data that are stored in the dedicated memory. Read access is granted only for data for which the application has been authorized beforehand. As an alternative, in addition to read access to the dedicated memory, the application may also be granted write access to the dedicated memory.
The controller may be connected to one or more transportation vehicle-internal communication systems and be designed to retrieve data of the transportation vehicle to be stored in the dedicated memory via the one or more transportation vehicle-internal communication systems. In this way, transportation vehicle-specific data that are already used, for example, by another transportation vehicle-specific device may be retrieved by the controller and stored in the dedicated memory. These may be, for example, sensor data on the position, speed and/or acceleration of the transportation vehicle. Furthermore, the data may relate to the energy or fuel consumption of the transportation vehicle or the state of individual transportation vehicle systems. Furthermore, the data may also relate to sensor data logs and/or profiles. As an alternative or in addition, the data may relate to image and/or audio signals that are recorded by transportation vehicle-internal cameras, radar sensors, laser scanners, ultrasound sensors and/or other imaging sensors or microphones.
The controller may prevent the application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems. Due to the fact that the controller is able to prevent the application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems, the risk of losing control over the data of the transportation vehicle is further reduced. The controller may fully or partly prevent the application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems. Some data that are communicated within the transportation vehicle, such as, for example, the time, the date or other publicly accessible and/or non-transportation vehicle-specific data, are not particularly worth protecting, such that, in some situations, partial access prevention may make sense.
The authentication module may be configured as a component of a transportation vehicle-specific media playback system or of a transportation vehicle-specific communication unit having Internet connectivity. The authentication may thus already take place in the transportation vehicle, such that no separate connection to an authentication entity is necessary. If the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit is designed to communicate directly with the mobile terminal, for example, via BLUETOOTH®, the authentication may also take place when an Internet connection is not available. As an alternative, the authentication module may be configured as a component of a central computer that is designed to communicate with the mobile terminal and the transportation vehicle. The central computer is, for example, a back-end of a transportation vehicle manufacturer or of a third-party provider. Due to the fact that the authentication module is configured as a component of a central computer, central authentication may be performed. In the case of a certificate-based authentication, this may be beneficial when the central computer is designed to check the authenticity and validity of a certificate that is used.
The authentication of the application on the authentication module, designed for this purpose, by way of an identification feature may comprise transmission of the identification feature from the mobile terminal to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and/or transmission of the identification feature from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer. The central computer may be designed to generate an authorization file, which comprises, for example, a token or a certificate, and to send this to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit. The transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit then forwards the authorization file to the application on the mobile terminal. The authorization file may have a restricted validity and comprise information about the scope of the data to be released for the application. The central computer may furthermore inform the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit about which data should be released to the application on the mobile terminal. The transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit, on the basis of this information, may then prompt the controller to retrieve the corresponding data via one or more transportation vehicle-internal communication systems, for instance, via a transportation vehicle bus, and store them in the dedicated memory. The mobile terminal may then access the corresponding data in the dedicated memory by way of the authorization file. 
If an application is subsequently identified as being defective, the authorization file or the certificate or the token within the authorization file may be declared invalid, such that the central computer blocks the data release. The application on the mobile terminal may have been investigated and checked beforehand by the manufacturer or a third-party provider so as to define the scope of the data of the transportation vehicle to be released for the application.
The identification feature may comprise a token and/or a certificate. As an alternative or in addition, PINs, hashes and other security functions may also be used. The certificate and/or the token have to be created before the first use and stored on the mobile terminal. If the mobile terminal is then connected to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit in terms of signaling, the application may authenticate itself directly on the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit. The connection in terms of signaling between the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and the mobile terminal may be wired or wireless. For authentication purposes, the certificate or the token is transmitted to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit. The certificate or the token may then be transmitted in encrypted form to the central computer by the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit. The central computer checks the certificate or the token for validity. The validity check may comprise establishing whether the application mentioned in the certificate or the token from the mobile terminal mentioned in the certificate or the token accesses the transportation vehicle mentioned in the certificate or the token. If this is confirmed, the central computer informs the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit about which data of the transportation vehicle the application is allowed to access. 
As soon as the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit has received confirmation of authenticity and has been informed which data should be provided, it may issue the application with an authorization file, which may likewise comprise a certificate or a token. A storage process also begins, which retrieves the required data from the one or more transportation vehicle-internal communication systems and stores them in the dedicated memory.
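The exchange described in the preceding paragraphs, as an added example that is not code from the patent: an identification feature bound to one application, one mobile terminal and one transportation vehicle is checked by the central computer, which issues a scoped, time-limited authorization file that gates read access to the dedicated memory. The HMAC-signed JSON token format, the key, the shared revocation set and all identifiers and function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

BACKEND_KEY = b"constructed-demo-key"  # assumption: secret held only by the central computer
REVOKED = set()                        # ids of identification features declared invalid
APP_SCOPES = {"eco-coach": {"acceleration", "fuel_consumption"}}  # constructed review result


def _sign(claims):
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(BACKEND_KEY, body, hashlib.sha256).digest()
    return ".".join(base64.urlsafe_b64encode(p).decode() for p in (body, tag))


def _verify(token, kind):
    """Return the claims if the MAC is valid and the token is of the expected kind."""
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except (ValueError, AttributeError):
        return None
    if not hmac.compare_digest(tag, hmac.new(BACKEND_KEY, body, hashlib.sha256).digest()):
        return None
    claims = json.loads(body)
    return claims if claims.get("kind") == kind else None


def issue_identification_feature(token_id, app, terminal, vehicle):
    """Created before first use and stored on the mobile terminal."""
    return _sign({"kind": "id", "jti": token_id, "app": app,
                  "terminal": terminal, "vehicle": vehicle})


def central_computer_authenticate(token, app, terminal, vehicle, now=None, ttl=300):
    """Validity check on the central computer. app/terminal/vehicle are what the
    head unit observed on the connection and forwarded with the token.
    Returns a short-lived authorization file, or None if authentication fails."""
    now = time.time() if now is None else now
    claims = _verify(token, "id")
    if claims is None or claims["jti"] in REVOKED:
        return None
    if (claims["app"], claims["terminal"], claims["vehicle"]) != (app, terminal, vehicle):
        return None  # copied to another terminal or used against another vehicle
    return _sign({"kind": "authz", "jti": claims["jti"], "vehicle": vehicle,
                  "scope": sorted(APP_SCOPES.get(app, ())), "exp": now + ttl})


class DedicatedMemory:
    """The only store the application can reach; the controller is its sole writer."""

    def __init__(self, vehicle):
        self.vehicle = vehicle
        self._data = {}

    def controller_store(self, bus_frame, scope):
        # The controller copies only the released signals off the internal bus.
        self._data.update({k: v for k, v in bus_frame.items() if k in scope})

    def read(self, authz, signal, now=None):
        now = time.time() if now is None else now
        claims = _verify(authz, "authz")
        if claims is None:
            raise PermissionError("invalid authorization file")
        if claims["jti"] in REVOKED or claims["exp"] < now or claims["vehicle"] != self.vehicle:
            raise PermissionError("authorization revoked, expired or for another vehicle")
        if signal not in claims["scope"]:
            raise PermissionError("signal not released for this application")
        return self._data[signal]


def demo():
    token = issue_identification_feature("t-1", "eco-coach", "phone-A", "VIN-1")
    authz = central_computer_authenticate(token, "eco-coach", "phone-A", "VIN-1")
    memory = DedicatedMemory("VIN-1")
    frame = {"acceleration": 0.8, "fuel_consumption": 6.4, "distance_ahead": 31.0}  # constructed
    memory.controller_store(frame, APP_SCOPES["eco-coach"])
    outcome = {"read": memory.read(authz, "fuel_consumption")}
    outcome["copied_token"] = central_computer_authenticate(token, "eco-coach", "phone-B", "VIN-1")
    try:
        memory.read(authz, "distance_ahead")
    except PermissionError as err:
        outcome["out_of_scope"] = str(err)
    REVOKED.add("t-1")  # application later identified as defective
    try:
        memory.read(authz, "fuel_consumption")
    except PermissionError as err:
        outcome["after_revocation"] = str(err)
    REVOKED.discard("t-1")
    return outcome


if __name__ == "__main__":
    print(demo())
```

The "kind" claim keeps an identification feature from being presented directly as an authorization file, and the memory object exposes no path from the application to the bus frame itself.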
The dedicated memory may be configured as a component of a transportation vehicle-specific media playback system or of a transportation vehicle-specific communication unit having Internet connectivity. As an alternative, the dedicated memory may be configured as a component of a central computer that is designed to communicate with the mobile terminal and the transportation vehicle. If the dedicated memory is configured as a component of the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit, a direct data exchange may take place between the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and the mobile terminal. If the dedicated memory is configured as a component of a central computer, data security is further increased since the data of the transportation vehicle are retrieved by the mobile terminal not directly from the transportation vehicle, but rather from a transportation vehicle-external memory. The risk of the application gaining access to further data of the transportation vehicle is thus considerably reduced.
The method may comprise transmission of data of the transportation vehicle from the one or more transportation vehicle-internal communication systems to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit and/or transmission of data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the mobile terminal. As an alternative or in addition, the method may comprise transmission of data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer and/or transmission of data of the transportation vehicle from the central computer to the mobile terminal. Depending on the device in which the dedicated memory, to which the mobile device has access, is integrated, various combinations of the designated data transmission paths may result. Transmission of the data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit directly to the mobile terminal simplifies the access method. Transmission of the data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit via the central computer to the mobile terminal leads to even more control over the released data.
The application on the mobile terminal may retrieve the data of the transportation vehicle via an application programming interface. The retrieval of the data of the transportation vehicle from the dedicated memory by the application on the mobile terminal and/or the retrieval of the data of the transportation vehicle from the one or more transportation vehicle-internal communication systems by the controller may be performed regularly or irregularly. Furthermore, the retrieval of the data of the transportation vehicle from the dedicated memory by the application on the mobile terminal and/or the retrieval of the data of the transportation vehicle from the one or more transportation vehicle-internal communication systems by the controller may be initiated by an event. The event may relate, for example, to the presence of new data of the transportation vehicle, such that the data retrieval is initiated whenever new data of the transportation vehicle are present. In a further exemplary embodiment, the mobile terminal on which the application is installed emulates transportation vehicle-specific components, such as, for example, the transportation vehicle-specific communication unit.
The disclosed system for securely accessing data of a transportation vehicle comprises a mobile terminal and a dedicated memory. An application that is designed to use data of the transportation vehicle is installed on the mobile terminal. Data of the transportation vehicle for retrieval by the mobile terminal are provided in the dedicated memory by way of a controller of the transportation vehicle. According to the disclosed embodiments, the system is designed to execute the method for securely accessing data of a transportation vehicle according to at least one of the embodiments described above. The system may additionally have a central computer. The same benefits and modifications as described above apply.
Further exemplary embodiments result from the other features. The various embodiments cited in this application are able to be combined with one another, unless specifically indicated otherwise.
FIG. 1 shows a system 10 with a transportation vehicle 12 and a mobile terminal 14. An application 16 that is designed to use data of the transportation vehicle 12 is installed on the mobile terminal 14. The transportation vehicle 12 comprises a transportation vehicle-specific media playback system 28 and a transportation vehicle-internal communication system 24.
The transportation vehicle-internal communication system 24 comprises a CAN bus, to which a total of three sensors 26a-26c are connected in terms of signaling, the three sensors 26a-26c recording data of the transportation vehicle 12. The sensor 26a is an acceleration sensor and provides acceleration data of the transportation vehicle 12. The sensor 26b detects the fuel consumption of the transportation vehicle 12 and provides fuel-based consumption data of the transportation vehicle 12. The sensor 26c is a distance sensor and provides data that relate to the distance of the transportation vehicle 12 from a transportation vehicle in front.
The transportation vehicle-specific media playback system 28 has a dedicated memory 18, a controller 20 and an authentication module 22. Data of the transportation vehicle 12 for retrieval by the mobile terminal 14 are provided in the dedicated memory 18 by way of the controller 20 of the transportation vehicle 12. The controller 20 is connected to the transportation vehicle-internal communication system 24 and designed to retrieve the data of the transportation vehicle 12 to be stored in the dedicated memory 18 from the sensors 26a-26c via the transportation vehicle-internal communication system 24. The controller 20 furthermore prevents the application 16 on the mobile terminal 14 from directly accessing the transportation vehicle-internal communication system 24.
The system 10 is designed for the application 16 to be able to authenticate itself on the authentication module 22, designed for this purpose, by way of an identification feature, such that, following successful authentication, read access to the dedicated memory 18 is able to be provided for the application 16 on the mobile terminal 14. The identification feature has been stored beforehand on the mobile terminal 14 and comprises a certificate that is valid for a selected application 16 on a selected mobile terminal 14 to access data of a selected transportation vehicle 12.
The authentication of the application 16 on the authentication module 22, designed for this purpose, by way of the identification feature comprises transmission of the identification feature from the mobile terminal 14 to the transportation vehicle-specific media playback system 28. To provide the data of the transportation vehicle 12, the data of the transportation vehicle 12 are transmitted from the transportation vehicle-internal communication system 24 to the transportation vehicle-specific media playback system 28. The data of the transportation vehicle 12 are then transmitted from the transportation vehicle-specific media playback system 28 to the mobile terminal 14. The authentication of the application 16 and the provision of the data of the transportation vehicle 12 for the application 16 is performed via the communication connection 32. The application 16 on the mobile terminal 14 retrieves the data of the transportation vehicle 12 from the transportation vehicle 12 via an application programming interface.
FIG. 2 shows a system 10 with a transportation vehicle 12, a mobile terminal 14 and a central computer 30. An application 16 that is designed to use data of the transportation vehicle 12 is installed on the mobile terminal 14. The transportation vehicle 12 comprises a transportation vehicle-specific media playback system 28 and a transportation vehicle-internal communication system 24. The central computer 30 is configured as a back-end of a transportation vehicle manufacturer and comprises a dedicated memory 18 and an authentication module 22. The central computer 30 is furthermore designed to communicate with the mobile terminal 14 via the communication connection 34 and with the transportation vehicle 12 via the communication connection 36.
The transportation vehicle-internal communication system comprises a MOST bus, which is connected in terms of signaling to a total of three cameras 26a-26c, the three cameras 26a-26c recording data of the transportation vehicle 12. The camera 26a is a front camera and provides an image signal for the surroundings in front of the transportation vehicle. The camera 26b is a rear camera and provides an image signal for the surroundings behind the transportation vehicle. The camera 26c is an interior camera and provides an image signal for the region of the driver's seat.
The transportation vehicle-specific media playback system 28 has a controller 20. Data of the transportation vehicle 12 are provided in the dedicated memory 18 of the central computer 30 for retrieval by the mobile terminal 14 by way of the controller 20 of the transportation vehicle 12. To this end, the controller 20 is connected to the transportation vehicle-internal communication system 24 and designed to retrieve the data of the transportation vehicle 12 to be stored in the dedicated memory 18 from the cameras 26a-26c via the transportation vehicle-internal communication system 24. The controller 20 furthermore prevents the application 16 on the mobile terminal 14 from directly accessing the transportation vehicle-internal communication system 24.
The system 10 is designed for the application 16 to be able to authenticate itself on the authentication module 22, designed for this purpose, by way of an identification feature, such that, following successful authentication, read access to the dedicated memory 18 is able to be provided for the application 16 on the mobile terminal 14. The identification feature has been stored beforehand on the mobile terminal 14 and comprises a token that is valid for a selected application 16 on a selected mobile terminal 14 to access data of a selected transportation vehicle 12.
The authentication of the application 16 on the authentication module 22, designed for this purpose, by way of an identification feature comprises transmission of the identification feature from the mobile terminal 14 to the transportation vehicle-specific media playback system 28 and transmission of the identification feature from the transportation vehicle-specific media playback system 28 to the central computer 30.
To provide the data of the transportation vehicle 12, the data of the transportation vehicle 12 are transmitted from the transportation vehicle-internal communication system 24 to the transportation vehicle-specific media playback system 28. The data of the transportation vehicle 12 are then transmitted from the transportation vehicle-specific media playback system 28 to the central computer 30. The data of the transportation vehicle 12 are then transmitted from the central computer 30 to the mobile terminal 14. The application 16 is thus authenticated via the communication connections 32 and 36. The provision of the data of the transportation vehicle 12 for the application 16 is thus performed via the communication connections 34 and 36. The application 16 on the mobile terminal 14 retrieves the data of the transportation vehicle 12 from the central computer 30 via an application programming interface.
Due to the fact that the application authenticates itself on an authentication module, designed for this purpose, by way of an identification feature and read access to the dedicated memory is thereupon provided for the application on the mobile terminal, the disclosure allows transportation vehicle-specific data to be provided in a controlled manner for use with applications on mobile terminals.
LIST OF REFERENCE SIGNS
  • 10 system
  • 12 transportation vehicle
  • 14 mobile terminal
  • 16 application
  • 18 dedicated memory
  • 20 controller
  • 22 authentication module
  • 24 transportation vehicle-internal communication system
  • 26a-26c sensors or cameras
  • 28 media playback system
  • 30 central computer
  • 32 communication connection
  • 34 communication connection
  • 36 communication connection

Claims (12)

The invention claimed is:
1. A method for securely accessing data of a transportation vehicle, the method comprising:
providing a mobile terminal on which there is installed an application to use data of the transportation vehicle;
providing a dedicated memory, which is part of a central computer and in which, data of the transportation vehicle are provided to the dedicated memory via a controller of the transportation vehicle that is connected to one or more transportation vehicle-internal communication systems for retrieval from the memory by the mobile terminal;
authenticating the application on an authentication module based on an identification feature; and
providing read access to the data provided by the controller in the dedicated memory for the application on the mobile terminal in response to successful authentication,
wherein the controller prevents the authenticated application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems, and
wherein the authentication of the application on the authentication module based on the identification feature includes both transmitting the identification feature from the mobile terminal to a transportation vehicle-specific media playback system or a transportation vehicle-specific communication unit, and transmitting the identification feature from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer.
2. The method of claim 1, wherein the controller is designed to retrieve data of the transportation vehicle to be stored in the dedicated memory via the one or more transportation vehicle-internal communication systems.
3. The method of claim 1, wherein the authentication module is a component of the central computer that communicates with the mobile terminal and the transportation vehicle.
4. The method of claim 1, wherein the identification feature comprises a token and/or a certificate.
5. The method of claim 1, further comprising:
transmitting data of the transportation vehicle from the one or more transportation vehicle-internal communication systems to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit;
transmitting data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the mobile terminal;
transmitting data of the transportation vehicle from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer; or
transmitting data of the transportation vehicle from the central computer to the mobile terminal.
6. The method of claim 1, wherein the application on the mobile terminal retrieves the data of the transportation vehicle via an application programming interface.
7. A system for securely accessing data of a transportation vehicle, the transportation vehicle having:
a mobile terminal having an application that uses data of the transportation vehicle; and
a dedicated memory, which is part of a central computer and in which data of the transportation vehicle are provided via a controller of the transportation vehicle that is connected to one or more transportation vehicle-internal communication systems for retrieval by the mobile terminal;
wherein the system executes a method for securely accessing data of the transportation vehicle by authenticating the application on an authentication module by an identification feature, and providing read access to the data provided by the controller in the dedicated memory for the application on the mobile terminal in response to successful authentication,
wherein the controller prevents the authenticated application on the mobile terminal from accessing the one or more transportation vehicle-internal communication systems, and
wherein the authentication of the application on the authentication module based on the identification feature includes both transmitting the identification feature from the mobile terminal to a transportation vehicle-specific media playback system or a transportation vehicle-specific communication unit, and transmitting the identification feature from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer.
8. The system of claim 7, wherein the controller retrieves data of the transportation vehicle to be stored in the dedicated memory via the one or more transportation vehicle-internal communication systems.
9. The system of claim 7, wherein the authentication module is a component of the central computer that communicates with the mobile terminal and the transportation vehicle.
10. The system of claim 7, wherein the identification feature comprises a token and/or a certificate.
11. The system of claim 7, wherein data of the transportation vehicle is transmitted from the one or more transportation vehicle-internal communication systems to the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit, or data of the transportation vehicle is transmitted from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the mobile terminal, or data of the transportation vehicle is transmitted from the transportation vehicle-specific media playback system or the transportation vehicle-specific communication unit to the central computer, or data of the transportation vehicle is transmitted from the central computer to the mobile terminal.
12. The system of claim 7, wherein the application on the mobile terminal retrieves the data of the transportation vehicle via an application programming interface.
US16/337,946 2016-09-30 2017-09-14 Method for the secured access of data of a transportation vehicle Active 2039-02-03 US11604865B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE102016219014.8A DE102016219014A1 (en) 2016-09-30 2016-09-30 Method for secure access to data of a vehicle
DE102016219014.8 2016-09-30
PCT/EP2017/073209 WO2018059964A1 (en) 2016-09-30 2017-09-14 Method for the secured access of data of a vehicle

Publications (2)

Publication Number Publication Date
US20200026864A1 US20200026864A1 (en) 2020-01-23
US11604865B2 true US11604865B2 (en) 2023-03-14

Family

ID=59887272

Family Applications (1)

Application Number Title Priority Date Filing Date
US16/337,946 Active 2039-02-03 US11604865B2 (en) 2016-09-30 2017-09-14 Method for the secured access of data of a transportation vehicle

Country Status (3)

Country Link
US (1) US11604865B2 (en)
DE (1) DE102016219014A1 (en)
WO (1) WO2018059964A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109636948A (en) * 2019-01-31 2019-04-16 上海易点时空网络有限公司 Data processing method and device based on onboard system
US11417157B2 (en) * 2019-05-29 2022-08-16 Ford Global Technologies, Llc Storing vehicle data
DE102020127791A1 (en) 2020-10-22 2022-04-28 Bayerische Motoren Werke Aktiengesellschaft Method and system for providing vehicle-related data

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070156311A1 (en) * 2005-12-29 2007-07-05 Elcock Albert F Communication of automotive diagnostic data
DE102011100938A1 (en) 2011-05-09 2012-11-15 Lear Corporation Gmbh Infotainment system mounted in vehicle e.g. truck, prevents execution of application, when application authorization data for current state variables are not assigned
US20120324482A1 (en) 2011-06-20 2012-12-20 Nokia Corporation Methods, apparatuses and computer program products for provisioning applications to in vehicle infotainment systems with secured access
DE102012109620A1 (en) 2011-10-21 2013-04-25 Gm Global Technology Operations, Llc Method and device for expanding a smartphone-oriented vehicle infotainment system by means of vehicle WiFi / DSRC
DE102012012565A1 (en) 2012-06-23 2013-12-24 Audi Ag Method for entering identification data of a vehicle in a user database of an Internet server device
US20140018129A1 (en) 2012-07-12 2014-01-16 Myine Electronics, Inc. System And Method For Transport Layer Agnostic Programming Interface For Use With Smartphones
US20140121891A1 (en) * 2012-10-30 2014-05-01 Cloudcar, Inc. Automobile data abstraction and communication
DE102012221462A1 (en) 2012-11-23 2014-05-28 Robert Bosch Gmbh Method and system for remote retrieval of vehicle data
US20160071333A1 (en) 2014-09-05 2016-03-10 Vinli Vehicle Information System
DE102014218225A1 (en) 2014-09-11 2016-03-17 Robert Bosch Gmbh Method for establishing an authenticated connection for securing electronic objects
DE102015119282A1 (en) 2014-11-18 2016-05-19 Ford Global Technologies, Llc Method and system for starting an application
US20160152210A1 (en) * 2014-11-27 2016-06-02 Audi Ag Method of operating a telematics system, and telematics system
US9632920B2 (en) * 2014-05-05 2017-04-25 Matco Tools Corporation System and method for a diagnostic software service
US20170195324A1 (en) * 2016-01-05 2017-07-06 Xevo Inc. Automobile network to communicate with multiple smart devices
US9767626B2 (en) * 2015-07-09 2017-09-19 Ford Global Technologies, Llc Connected services for vehicle diagnostics and repairs
US10489132B1 (en) * 2013-09-23 2019-11-26 Sprint Communications Company L.P. Authenticating mobile device for on board diagnostic system access

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Search Report for International Patent Application No. PCT/EP2017/073209; dated Oct. 20, 2017.

Also Published As

Publication number Publication date
WO2018059964A1 (en) 2018-04-05
DE102016219014A1 (en) 2018-04-05
US20200026864A1 (en) 2020-01-23

Legal Events

Date Code Title Description
AS Assignment

Owner name: VOLKSWAGEN AKTIENGESELLSCHAFT, GERMANY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MEIER, ANDREAS;REEL/FRAME:048735/0476

Effective date: 20190318

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: ADVISORY ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STCF Information on status: patent grant

Free format text: PATENTED CASE